Goal Reached Thanks to every supporter — we hit 100%!

Goal: 1000 CNY · Raised: 1000 CNY

100.0%
Buy Us a Coffee

CVE-2022-29361 PoC — Pallets Werkzeug 环境问题漏洞

Source
https://github.com/kevin-mizu/Werkzeug-CVE-2022-29361-PoC
Associated Vulnerability
Title:Pallets Werkzeug 环境问题漏洞 (CVE-2022-29361)
Description:Improper parsing of HTTP requests in Pallets Werkzeug v2.1.0 and below allows attackers to perform HTTP Request Smuggling using a crafted HTTP request with multiple requests included inside the body. NOTE: the vendor's position is that this behavior can only occur in unsupported configurations involving development mode and an HTTP server from outside the Werkzeug project
Readme
# Werkzeug-CVE-2022-29361-PoC
File Snapshot

 [4.0K]  /data/pocs/12d1b538a212eea44f87b7d75831e495a18804bb
├── [ 151]  docker-compose.yaml
├── [1.0K]  LICENSE
├── [4.0K]  poc
│   ├── [ 390]  Dockerfile
│   └── [4.0K]  src
│       ├── [ 723]  app.py
│       └── [   5]  requirements.txt
├── [  31]  README.md
└── [4.0K]  vulnerable
    ├── [ 390]  Dockerfile
    └── [4.0K]  src
        ├── [ 272]  app.py
        ├── [  28]  requirements.txt
        └── [4.0K]  static
            └── [   0]  main.js

5 directories, 10 files
Shenlong Bot has cached this for you
Remarks
    1. It is advised to access via the original source first.
    2. Local POC snapshots are reserved for subscribers — if the original source is unavailable, the local mirror is part of the paid plan.
    3. Mirroring, verifying, and maintaining this POC archive takes ongoing effort, so local snapshots are a paid feature. Your subscription keeps the archive online — thank you for the support. View subscription plans →